CVE-2018-4241: Buffer Overflow
First published: Fri Jun 01 2018(Updated: )
Kernel. A buffer overflow was addressed with improved bounds checking.
Credit: Ian Beer Google Project Zero product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| macOS High Sierra | <10.13.5 | 10.13.5 |
| macOS High Sierra | ||
| Apple El Capitan | ||
| Apple TV | <11.4 | |
| iStyle @cosme iPhone OS | <11.4 | |
| Apple iOS and macOS | <10.13.5 | |
| Apple iOS, iPadOS, and watchOS | <4.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT208849 (Advisory)
- http://www.securitytracker.com/id/1041027
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1558
- https://support.apple.com/HT208848
- https://support.apple.com/HT208849
- https://support.apple.com/HT208850
- https://support.apple.com/HT208851
- https://www.exploit-db.com/exploits/44849/
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2018-4196
- CVE-2018-4253
- CVE-2018-4256
- CVE-2018-4255
- CVE-2018-4254
- CVE-2018-4258
- CVE-2018-4257
- CVE-2018-7584
- CVE-2018-4219
- CVE-2018-5383
- CVE-2018-4171
- CVE-2018-4194
- CVE-2018-4180
- CVE-2018-4181
- CVE-2018-4182
- CVE-2018-4183
- CVE-2018-4478
- CVE-2018-4251
- CVE-2018-4211
- CVE-2018-4229
- CVE-2018-4159
- CVE-2018-4242
- CVE-2018-4202
- CVE-2018-4217
- CVE-2018-4141
- CVE-2018-4228
- CVE-2018-4236
- CVE-2018-4234
- CVE-2018-4249
- CVE-2018-8897
- CVE-2018-4241
- CVE-2018-4243
- CVE-2018-4237
- CVE-2018-4404
- CVE-2018-4227
- CVE-2018-4235
- CVE-2018-4240
- CVE-2018-4230
- CVE-2018-4221
- CVE-2018-4223
- CVE-2018-4224
- CVE-2018-4225
- CVE-2018-4226
- CVE-2018-4184
- CVE-2018-4198
- CVE-2018-4193
Frequently Asked Questions
What is the severity of CVE-2018-4241?
The severity of CVE-2018-4241 is critical, with a severity value of 7.8.
Which Apple products are affected by CVE-2018-4241?
iOS before 11.4, macOS before 10.13.5, tvOS before 11.4, and watchOS before 4.3.1 are affected by CVE-2018-4241.
What is the component involved in CVE-2018-4241?
The component involved in CVE-2018-4241 is the 'Kernel'.
What is the vulnerability description of CVE-2018-4241?
CVE-2018-4241 is a buffer overflow vulnerability in the mptcp_usr_connectx function, which allows attackers to execute arbitrary code.
How can I fix CVE-2018-4241?
To fix CVE-2018-4241, update your iOS to version 11.4 or later, update your macOS to version 10.13.5 or later, update your tvOS to version 11.4 or later, and update your watchOS to version 4.3.1 or later.
- agent/type
- agent/first-publish-date
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/weakness
- collector/apple-support
- alias/CVE-2018-4243
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/apple
- canonical/macos high sierra
- canonical/apple el capitan
- canonical/apple tv
- canonical/istyle @cosme iphone os
- canonical/apple ios and macos
- canonical/apple ios, ipados, and watchos